Overview

overview

7

Static

static

3

8caedd6332...3f.exe

windows7-x64

7

8caedd6332...3f.exe

windows10-2004-x64

Analysis

  • max time kernel
    120s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    03/02/2024, 15:28

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    8caedd63328a99b899f3c0510f065e3f.exe

  • Size

    1.9MB

  • MD5

    8caedd63328a99b899f3c0510f065e3f

  • SHA1

    1bed83cc4095ca3ccf34060ef3fbecbb9a1937e0

  • SHA256

    dd7b461ebb003ec151cfaf598c439ddef93ac5c3b4c4d27a0038c58f0f79550f

  • SHA512

    644ff8d7279464ba6e26938d13d072ebab8b04eb82f74ff59fd2b0a38f3f701500fd2ae5169795f0d7b0eade70fd10016a7c93318d953e5f3a508df95de88f07

  • SSDEEP

    49152:Qoa1taC070dGsvc6Pk2nX1RNO0ocDc/rAOpmStz16kIAx:Qoa1taC0Xsg2nlRpoN1/19Ik

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8caedd63328a99b899f3c0510f065e3f.exe
    "C:\Users\Admin\AppData\Local\Temp\8caedd63328a99b899f3c0510f065e3f.exe"
    1⤵
    • Loads dropped DLL
    • Suspicious use of WriteProcessMemory
    PID:2744
    • C:\Users\Admin\AppData\Local\Temp\8862.tmp
      "C:\Users\Admin\AppData\Local\Temp\8862.tmp" --splashC:\Users\Admin\AppData\Local\Temp\8caedd63328a99b899f3c0510f065e3f.exe A455844FEAB5F81A039744D7009C9FB1CC79DB1F5A3C954E883797CCC9C898ACE09F6C103F0127CE8A3D3A838A85144EFCDE32703F71BA2C8C8EC70CDC04AC40
      2⤵
      • Deletes itself
      • Executes dropped EXE
      PID:2700

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • \Users\Admin\AppData\Local\Temp\8862.tmp
          Filesize

          1.9MB

          MD5

          fd60672214aa4889f0249b45e4c08bf9

          SHA1

          5c85076bc69517d041f618a7e9833f4ca2c9382f

          SHA256

          c5b4fea851248cc80ace0bc4340d02a22769fec067cfefdbb1249f2bd351ea8b

          SHA512

          edfc9c87f7f7ea8e529efe4f47e4266c016d98ada85f03f51ad8c240a8da3db8053f3d217eba4d98cffb2f31f0be2ad0c1d685ea0b143a4fe27f417fe9b8339c

          Download Submit

        • memory/2700-6-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download

        • memory/2744-0-0x0000000000400000-0x00000000005E6000-memory.dmp

          Filesize

          1.9MB

          Download